From: "David E. Box" <david.e.box@linux.intel.com>
To: hdegoede@redhat.com, markgross@kernel.org,
andriy.shevchenko@linux.intel.com, srinivas.pandruvada@intel.com
Cc: "David E. Box" <david.e.box@linux.intel.com>,
platform-driver-x86@vger.kernel.org,
linux-kernel@vger.kernel.org
Subject: [PATCH 7/9] tools/arch/x86: intel_sdsi: Read more On Demand registers
Date: Tue, 1 Nov 2022 12:10:21 -0700 [thread overview]
Message-ID: <20221101191023.4150315-8-david.e.box@linux.intel.com> (raw)
In-Reply-To: <20221101191023.4150315-1-david.e.box@linux.intel.com>
Add decoding of the following On Demand register fields:
1. NVRAM content authorization error status
2. Enabled features: telemetry and attestation
3. Key provisioning status
4. NVRAM update limit
5. PCU_CR3_CAPID_CFG
Link: https://github.com/intel/intel-sdsi/blob/master/state-certificate-encoding.rst
Signed-off-by: David E. Box <david.e.box@linux.intel.com>
---
tools/arch/x86/intel_sdsi/intel_sdsi.c | 50 +++++++++++++++++++++++---
1 file changed, 45 insertions(+), 5 deletions(-)
diff --git a/tools/arch/x86/intel_sdsi/intel_sdsi.c b/tools/arch/x86/intel_sdsi/intel_sdsi.c
index 3718bd0c05cb..01b5f9994e11 100644
--- a/tools/arch/x86/intel_sdsi/intel_sdsi.c
+++ b/tools/arch/x86/intel_sdsi/intel_sdsi.c
@@ -44,10 +44,28 @@
#define __round_mask(x, y) ((__typeof__(x))((y) - 1))
#define round_up(x, y) ((((x) - 1) | __round_mask(x, y)) + 1)
+struct nvram_content_auth_err_sts {
+ uint64_t reserved:3;
+ uint64_t sdsi_content_auth_err:1;
+ uint64_t reserved1:1;
+ uint64_t sdsi_metering_auth_err:1;
+ uint64_t reserved2:58;
+};
+
struct enabled_features {
uint64_t reserved:3;
uint64_t sdsi:1;
- uint64_t reserved1:60;
+ uint64_t reserved1:8;
+ uint64_t attestation:1;
+ uint64_t reserved2:13;
+ uint64_t metering:1;
+ uint64_t reserved3:37;
+};
+
+struct key_provision_status {
+ uint64_t reserved:1;
+ uint64_t license_key_provisioned:1;
+ uint64_t reserved2:62;
};
struct auth_fail_count {
@@ -65,15 +83,23 @@ struct availability {
uint64_t reserved2:10;
};
+struct nvram_update_limit {
+ uint64_t reserved:12;
+ uint64_t sdsi_50_pct:1;
+ uint64_t sdsi_75_pct:1;
+ uint64_t sdsi_90_pct:1;
+ uint64_t reserved2:49;
+};
+
struct sdsi_regs {
uint64_t ppin;
- uint64_t reserved;
+ struct nvram_content_auth_err_sts auth_err_sts;
struct enabled_features en_features;
- uint64_t reserved1;
+ struct key_provision_status key_prov_sts;
struct auth_fail_count auth_fail_count;
struct availability prov_avail;
- uint64_t reserved2;
- uint64_t reserved3;
+ struct nvram_update_limit limits;
+ uint64_t pcu_cr3_capid_cfg;
uint64_t socket_id;
};
@@ -205,8 +231,18 @@ static int sdsi_read_reg(struct sdsi_dev *s)
printf("Socket information for device %s\n", s->dev_name);
printf("\n");
printf("PPIN: 0x%lx\n", s->regs.ppin);
+ printf("NVRAM Content Authorization Error Status\n");
+ printf(" SDSi Auth Err Sts: %s\n", !!s->regs.auth_err_sts.sdsi_content_auth_err ? "Error" : "Okay");
+
+ if (!!s->regs.en_features.metering)
+ printf(" Metering Auth Err Sts: %s\n", !!s->regs.auth_err_sts.sdsi_metering_auth_err ? "Error" : "Okay");
+
printf("Enabled Features\n");
printf(" On Demand: %s\n", !!s->regs.en_features.sdsi ? "Enabled" : "Disabled");
+ printf(" Attestation: %s\n", !!s->regs.en_features.attestation ? "Enabled" : "Disabled");
+ printf(" On Demand: %s\n", !!s->regs.en_features.sdsi ? "Enabled" : "Disabled");
+ printf(" Metering: %s\n", !!s->regs.en_features.metering ? "Enabled" : "Disabled");
+ printf("License Key (AKC) Provisioned: %s\n", !!s->regs.key_prov_sts.license_key_provisioned ? "Yes" : "No");
printf("Authorization Failure Count\n");
printf(" AKC Failure Count: %d\n", s->regs.auth_fail_count.key_failure_count);
printf(" AKC Failure Threshold: %d\n", s->regs.auth_fail_count.key_failure_threshold);
@@ -215,6 +251,10 @@ static int sdsi_read_reg(struct sdsi_dev *s)
printf("Provisioning Availability\n");
printf(" Updates Available: %d\n", s->regs.prov_avail.available);
printf(" Updates Threshold: %d\n", s->regs.prov_avail.threshold);
+ printf("NVRAM Udate Limit\n");
+ printf(" 50%% Limit Reached: %s\n", !!s->regs.limits.sdsi_50_pct ? "Yes" : "No");
+ printf(" 75%% Limit Reached: %s\n", !!s->regs.limits.sdsi_75_pct ? "Yes" : "No");
+ printf(" 90%% Limit Reached: %s\n", !!s->regs.limits.sdsi_90_pct ? "Yes" : "No");
printf("Socket ID: %ld\n", s->regs.socket_id & 0xF);
return 0;
--
2.25.1
next prev parent reply other threads:[~2022-11-01 19:11 UTC|newest]
Thread overview: 27+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-11-01 19:10 [PATCH 0/9] Extend Intel On Demand (SDSi) support David E. Box
2022-11-01 19:10 ` [PATCH 1/9] platform/x86/intel/sdsi: Add Intel On Demand text David E. Box
2022-11-17 13:17 ` Hans de Goede
2022-11-01 19:10 ` [PATCH 2/9] platform/x86/intel/sdsi: Hide attributes if hardware doesn't support David E. Box
2022-11-17 13:18 ` Hans de Goede
2022-11-01 19:10 ` [PATCH 3/9] platform/x86/intel/sdsi: Support different GUIDs David E. Box
2022-11-02 10:44 ` Andy Shevchenko
2022-11-03 3:12 ` David E. Box
2022-11-17 13:30 ` Hans de Goede
2022-11-01 19:10 ` [PATCH 4/9] platform/x86/intel/sdsi: Add meter certificate support David E. Box
2022-11-02 10:46 ` Andy Shevchenko
2022-11-03 3:13 ` David E. Box
2022-11-17 13:33 ` Hans de Goede
2022-11-01 19:10 ` [PATCH 5/9] tools/arch/x86: intel_sdsi: Add support for reading state certificates David E. Box
2022-11-17 13:51 ` Hans de Goede
2022-11-01 19:10 ` [PATCH 6/9] tools/arch/x86: intel_sdsi: Add Intel On Demand text David E. Box
2022-11-17 13:52 ` Hans de Goede
2022-11-01 19:10 ` David E. Box [this message]
2022-11-17 13:52 ` [PATCH 7/9] tools/arch/x86: intel_sdsi: Read more On Demand registers Hans de Goede
2022-11-01 19:10 ` [PATCH 8/9] tools/arch/x86: intel_sdsi: Add support for new GUID David E. Box
2022-11-17 13:55 ` Hans de Goede
2022-11-01 19:10 ` [PATCH 9/9] tools/arch/x86: intel_sdsi: Add support for reading meter certificates David E. Box
2022-11-17 13:58 ` Hans de Goede
2022-11-07 14:18 ` [PATCH 0/9] Extend Intel On Demand (SDSi) support Hans de Goede
2022-11-17 14:01 ` Hans de Goede
2022-11-17 16:00 ` David E. Box
2022-11-27 20:20 ` Pavel Machek
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20221101191023.4150315-8-david.e.box@linux.intel.com \
--to=david.e.box@linux.intel.com \
--cc=andriy.shevchenko@linux.intel.com \
--cc=hdegoede@redhat.com \
--cc=linux-kernel@vger.kernel.org \
--cc=markgross@kernel.org \
--cc=platform-driver-x86@vger.kernel.org \
--cc=srinivas.pandruvada@intel.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox